Slashdot Mirror
MUTE Grows In Popularity, Iterations
jcr13 writes "MUTE is a search-and-download file sharing network that uses ant-inspired routing to make both downloaders and uploaders anonymous. Version 0.2 was released today (change log). Since its mid-December 0.1 release, MUTE has risen from complete obscurity to one of the top-ten most active SourceForge projects. Several people have described MUTE as a "third-generation file sharing network," with the first two generations being Napster and Gnutella (and generation zero being the web---remember when MP3s were traded through web pages?). Each generation circumvents the tactics that the RIAA used to squash the previous generation. Alas, each generation is less and less efficient (though MUTE's dynamic routing works surprisingly well).
MUTE was discussed in a previous Slashdot story. Oh, and if you are wondering, it's M.U.T.E., lady, an acronym, not "mute," and we had best not go into it any further."
So, rather than hyping MUTE, can anyone provide numbers for the network size?
Reliable, Great Value Hosting: $7.95/mo 2.4G/120G
IRC, FTP, and NNTP
File sharing on the web is pretty recent though there was some in the early 90s. IRC file trading was well established by then, and FTP goes way back. And of course NNTP would never have bloomed without the a.s.b hierarchy.
Every generation of kids thinks that they were the generation that invented sex. Every generation of computer users is equally naive too.
YAW.
Your head of state is a corrupt weasel, I hope you're happy.
sorry to go further... but anybody who thinks people are going to pronounce this program as Em. You. Tee. E. and not "myoot" when there is a mute in a trumpet as part of the logo is a dang fool.
-Rob
Heil Sig! -Rob
IRC, FTP, and NNTP fit into "the web/gen 0" category in this context... as non-P2P apps.
You better watch out old man... or we young punks will invent a new generation of computers that are harder to use than a VCR remote control.
From what I can gather from the project page (which is almost entirely presented in the ant colony analogy), this is an interesting idea to ensure anonymity - essentially a routing protocol at the TCP or UDP level, using a probabilistic mechanism to determine reasonably shortest paths. However, I'm not certain what implications this has for bandwidth efficiency, especially for relatively isolated nodes which may have high bandwidth connections to certain NAPs but not others. Might be workable in conjunction with a bittorrent like model with sections of a file downloaded from multiple peers, but keeping track of upload credits might be harder in this case. I doubt this will be much of a barrier to the RIAA however, as they might just decide to go after the machines that are routing the file to their ultimate destination, as this is different from the ISP case (which is still being tried in the courts).
"The slave who knows his master's will and does not get ready...will be be beaten with many blows."Luke 12:47-48
I still think you it comes down to the encryption. With enough hosts you could figure out which virtual address are the most reponsive for replies. And make a best guess that person is responsible. Attack in numbers, and then over time, find out which IP's respond, fall back to normal IP logging. Then ask your ISP who had which IP's over time, and go after that user.
I liked how they stated, the virtual addresses and routing tables will be tweaked for best anti-spaming and spoof checking.
Seems like they are working hard on the transport, after thats perfected, then you can add all the features like hash checking, multipart downloads, and file searching.
I like this much better than freenet. Sorry, no internal search engine, and everyone has to give up disk space for cache.
-
Secondlife for programmers, artists and designers.
So I played with it for about 15 minutes and I found out a few things. First of all, it is really anonymous. There is no freakin' way to find out who anyone is. All you know are the IP addresses of the people who are directly connected to you on the network. You don't know which files they have or anything. And when you download or upload something you have no idea who is at the other end.
Here are the problems. First off, it is slow and unstable. Not to be unexpected for a non mature project. Another problem is the lack of search results. Searching for led zeppelin, a common band, returned 2 results when I was connected to 20 nodes. That's kind of sad. Last problem is that there are so few features. This is a raw bare bones client. Someone needs to make another client that has more stuff, like DC++ did for direct connect. For now I'll stick to DC for everyday quick p2p and WinMX for those rare hard to find files.
The GeekNights podcast is going strong. Listen!
and generation zero being the web---remember when MP3s were traded through web pages?
Hell I remember when I actually traded *tapes* with *other people*! I mean I actually went out into the big blue place (eww, sunlight) and after a while I would like be in the same room with another person, or more than one!! And we would use instant messaging, only it was completely audio based and there was no computer or cell phone! The audio came out of my mouth and went straight into the other dude's ear! It was wild!
Sometimes when we wanted to express happiness, or anger, we would scrunch our faces up to look like emoticons, but turned sideways. It's pretty funny to think about it, lol.... :-) Oh yeah when something was funny we would lol not by typing "lol", but by making a "ha ha ha" sound!
Anyway then we would take our CDs and the ones we liked that we didn't own, we'd rip to cassette tape (an early encoding mechanism like MP3, but using particles on a plastic tape, really bizarre .. it didn't take any less space but it was still a lossy format). Man, if only the RIAA knew how to track *that* shit (I still have a few hundred tapes somewhere)...
Anyway I'm glad stuff like MUTE is being developed, because without it, there'd be NO way to listen to other people's music!
Errr...NNTP (Usenet) is peer to peer. How do you think all the news servers get their feed? They are peers who pass the posts between each other. Read rfc977. The IHAVE command shows the most obvious proof the protocol was made to be P2P--it is for transferring posts between servers (which are just dedicated peers on the network). You send a post to one server, and it ripples through the other servers--much like a search request on the Gnutella network.
At least it used to work that way, with all the consolidation, we may end up with one big ISP running only one big Usenet server with rec.arts.music.britney.spears as the only allowed group. ;-)
Wet blanket, HO!
This looks like a research project, and the author looks like a researcher. This will never be production code (unless forked).
The source is very hap hazzard right now,
* no LICENSE or COPYING file
* bizzare directory structure
* no INSTALL, README, HACKING files
* no mailing lists (none!)
The head sf admin is head of a bunch of other projects too. I didn't check all of them, but I'm pretty sure he's a _member_ of no one else's project. So you have a guy supporting 10 projects (and maybe more not on sourceforge) who has only written academic code, probably only by himself resume.
He also appears to be gung-ho C++, why not turn the 63k of C++ into 6k of python and worry about features instead of memory management? (bittorrent has proven the bottleneck isn't CPU).
Not a great mix for a successful open source project.
.sig Karma out the wazoo, better to spend points elsewhere if this is above 2 or below 0
There's two battles: technical and legal. The technical battle is easily won - anonymous communication is possible. But as it becomes easier to communicate with true anonynmity, the temptation to ban such communication increases. I think it's pretty clear that such communication is protected speech, but I predict that Congress will pass a bill saying that it isn't. It will eventually fall to the Supreme Court to re-affirm that anonymous speech is protected too.
For this reason, I think it would be better if MUTE promoted itself as a tool for speech, not just copyright infringement.
Litigious bastards
1 Hype your project, get it slashdotted!
2 Brag about your own project's activity, get it slashdotted again yourself!
3 ???
4 PROFIT!!!
Nice way to keep in the publicity though, could use his PR manager. Self-organizing systems are fun though...
This sig is intentionally left blank
Share what only is legal - MP3's where the artist doesn't mind sharing, project gutenburg books, etc.
Hey, I can dream...
> remember when MP3s were traded through web pages?
Remember when MP3s were traded through DCC and FTP?
Anyone bothered to read the MUTE site should be really worried about now. Apart from technical problems and generally suspicious statements, the entire workings of MUTE place every user at the risk of contributory infringement of copyright.
Why doesn't MUTE protect you? Because the "RIAA node" only needs to download a single copyright file and use netstat to take the address of its peer (neighbour) node. It then has the ability to track you (i.e. the neighbour, via your ISP) and has proof of your contribution to the infringement (you actively provided infrastructure for the transfer of the copyright material).
But they need to show you have knowledge of the activity, right? Wrong. First because they'll just subpoena you anyway and it will cost lest to pay the requested amount than to fight them. Second because they only have to prove on a balance of probabilities that you were aware that your "service" was being used for illicit purposes. More on that later.
You also can't claim that you were just providing a service "like an ISP", because you're not. ISPs protect themselves by being telecommunications carriers (which are largely exempt from monitoring content), or having appropriate AUPs with the customers they provide the service for, or responding in an appropriate manner to compliants. For example if you can't or are not prepared to remove known illegal material from your service when you are notified about it, you become a contributory infringer!
Alright, so why can ISPs get away with it and you can't? Because they have AUPs, because they respond to complaints, and most importantly because there is a significant non-infringing use for their network. MUTE, on the other hand, is described specifically as a network dedicated to preserving your anonymity for the purpose of trading in illegal MP3s without getting caught by the RIAA.
Here's an anecdote for you: a landlord was arrested for pimping and money laundering. When he pleaded ignorance the police demonstrated to the court that they could ask virtually any member of the community where there were prostitutes and drug sellers at the building in question, and the answer would be "Yes". So a "reasonable man" was aware of the problem, yet the landlord tried to protect himself by never looking into it. Running a brothel is an offense that attaches to the property owner -- it is his responsibility to take reasonable measures to ensure that the property is not being used for illegal purposes.
The other problems? Phrases like "military-grade encryption" don't inspire confidence, especially in a system that uses asymmetric cryptography without a PKI (and a PKI in this system would pretty much kill the idea of being anonymous). The "RIAA node" could happily perform a man-in-the-middle attack on all secure connections that are established through it.
In general the documentation on MUTE appears to give little consideration to side-channel attacks, concentrating on how secure and anonymous the system is algorithmically.
i-name =twylite [http://public.xdi.org/=twylite], see idcommons.net
i said no text:P
OK, maybe I'm not quite getting the concept here, but it doesn't seem to me that it would be impossible for the RIAA to track where something came from.
I read the MUTE blurb about the ants and the arrows in the forest. So I'm wondering, why couldn't the RIAA send their own 'ants' into the system to experimentally figure out which way the 'arrows' are pointing? Sure it would take a bit of work on their part, but it seems like it could be doable. If node X has built up a lot of information about where messages are being routed and to who (the 'arrows' pointing to paths to various recipients/senders) then those arrows could be followed, and while no node has the complete picture, running enough 'ants' through enough nodes would probably give them some idea. Early on there would be very little of this information, but after a while a lot of this information would exist in the nodes.
Am I missing something?
An agent-based system like this would sort of be like the MUTE system 'turned inside-out'. Nodes wouldn't 'know' how to do much more than how to run agent code and how to pass agent-code along to other nodes. I guess the agent could even be in charge of figuring out which node(s) to send itself to next.
Perhaps the agent could even 'inject' code into nodes thus adding to the functionality available at a node (this would be easy to do with a very dynamic language like, say, Ruby or Lisp).
An intriguing idea. Speaking of biological inspiration, it almost sounds viral. There is evidence that viruses can have positive effects, for example moving DNA to different species.
some viruses are certainly able to travel quickly through a population - like the flu.
Perhaps there could be some way to determine if an agent came from a friend or foe so you could determine that you don't want to run the RIAA's ant...
Sort of like an immune system. Somehow we would need a way to reject agents of unknown (or known hostile) origin.
On the otherhand, if it were agent based it might be more difficult for the RIAA to prove that you were willingly infringing
Yes, the initial code running on a node would probably be fairly simple.
Also the 'injected code' would only reside in memory. It would be very difficult (impossible) for them to find out what you had been running after you turned off the power. Of course this could also be a dissadvantage since after you powerdown you lose all that 'injected' code, but it could issue a request for an update after powering up again, I suppose.
Of course a system like that would be one huge security risk and nobody in their right mind would want to run one of these nodes unless there were some way to make sure that certain types of operations were not doable by an agent passing by
Allow file copying from certain directories only, and disallow file deletion anywhere. I'm sure there would be more security details like don't allow 'system' commands to be run.
sounds like an interesting experiment.
It does. I'd like to prototype something like this. Agents (or Ants if you like) would have to also carry payloads (the files to transfer). When an Ant reaches it's destination it would drop off the payload. Perhaps multiple destinations could be specified for an ant if the file being transferred was popular.
I still use web and only web to keep my MP3 collection with songs I like. Everything is legal: goto Google and get what you want without any suspicions from stupid RIAA :)
Less is more !